admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-01-08T21:00:19.924394+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-01-08 21:03:43 +00:00
parent 525d096ba8
commit 224f13c561
70 changed files with 3726 additions and 497 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
CVE-2020/CVE-2020-190xx/CVE-2020-19028.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-19028", "id": "CVE-2020-19028",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-05T21:15:10.307", "published": "2023-06-05T21:15:10.307",
"lastModified": "2024-11-21T05:08:55.090", "lastModified": "2025-01-08T20:15:23.773",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -45,6 +65,16 @@
"value": "CWE-434" "value": "CWE-434"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2023/CVE-2023-333xx/CVE-2023-33386.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33386", "id": "CVE-2023-33386",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-05T15:15:09.197", "published": "2023-06-05T15:15:09.197",
"lastModified": "2024-11-21T08:05:31.720", "lastModified": "2025-01-08T20:15:24.450",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },
@ -45,6 +65,16 @@
"value": "CWE-434" "value": "CWE-434"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2023/CVE-2023-334xx/CVE-2023-33408.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33408", "id": "CVE-2023-33408",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-05T21:15:11.140", "published": "2023-06-05T21:15:11.140",
"lastModified": "2024-11-21T08:05:32.543", "lastModified": "2025-01-08T20:15:24.640",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },
@ -45,6 +65,16 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2023/CVE-2023-334xx/CVE-2023-33409.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33409", "id": "CVE-2023-33409",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-05T21:15:11.193", "published": "2023-06-05T21:15:11.193",
"lastModified": "2024-11-21T08:05:32.717", "lastModified": "2025-01-08T19:15:29.267",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
} }
] ]
}, },
@ -45,6 +65,16 @@
"value": "CWE-352" "value": "CWE-352"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2023/CVE-2023-334xx/CVE-2023-33410.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33410", "id": "CVE-2023-33410",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-05T21:15:11.243", "published": "2023-06-05T21:15:11.243",
"lastModified": "2024-11-21T08:05:32.870", "lastModified": "2025-01-08T19:15:29.670",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
} }
] ]
}, },
@ -45,6 +65,16 @@
"value": "CWE-1236" "value": "CWE-1236"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1236"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2023/CVE-2023-335xx/CVE-2023-33518.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33518", "id": "CVE-2023-33518",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-05T15:15:09.247", "published": "2023-06-05T15:15:09.247",
"lastModified": "2024-11-21T08:05:40.207", "lastModified": "2025-01-08T19:15:29.863",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
} }
] ]
}, },
@ -45,6 +65,16 @@
"value": "CWE-668" "value": "CWE-668"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-203"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2023/CVE-2023-335xx/CVE-2023-33524.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33524", "id": "CVE-2023-33524",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-05T17:15:08.940", "published": "2023-06-05T17:15:08.940",
"lastModified": "2024-11-21T08:05:40.340", "lastModified": "2025-01-08T19:15:30.063",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
} }
] ]
}, },
@ -45,6 +65,16 @@
"value": "CWE-22" "value": "CWE-22"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2023/CVE-2023-336xx/CVE-2023-33693.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33693", "id": "CVE-2023-33693",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-05T16:15:09.500", "published": "2023-06-05T16:15:09.500",
"lastModified": "2024-11-21T08:05:52.980", "lastModified": "2025-01-08T19:15:30.350",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
} }
] ]
}, },
@ -45,6 +65,16 @@
"value": "CWE-787" "value": "CWE-787"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2023/CVE-2023-337xx/CVE-2023-33731.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33731", "id": "CVE-2023-33731",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-02T12:15:09.410", "published": "2023-06-02T12:15:09.410",
"lastModified": "2024-11-21T08:05:54.657", "lastModified": "2025-01-08T20:15:24.840",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },
@ -45,6 +65,16 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2023/CVE-2023-337xx/CVE-2023-33733.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33733", "id": "CVE-2023-33733",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-05T16:15:09.550", "published": "2023-06-05T16:15:09.550",
"lastModified": "2024-11-21T08:05:54.950", "lastModified": "2025-01-08T19:15:30.560",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
} }
] ]
}, },
@ -45,6 +65,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2023/CVE-2023-337xx/CVE-2023-33761.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33761", "id": "CVE-2023-33761",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-02T20:15:09.777", "published": "2023-06-02T20:15:09.777",
"lastModified": "2024-11-21T08:05:57.880", "lastModified": "2025-01-08T20:15:25.050",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },
@ -45,6 +65,16 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2023/CVE-2023-337xx/CVE-2023-33762.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33762", "id": "CVE-2023-33762",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-02T20:15:09.823", "published": "2023-06-02T20:15:09.823",
"lastModified": "2024-11-21T08:05:58.030", "lastModified": "2025-01-08T20:15:25.250",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },
@ -45,6 +65,16 @@
"value": "CWE-89" "value": "CWE-89"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2023/CVE-2023-337xx/CVE-2023-33763.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33763", "id": "CVE-2023-33763",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-02T20:15:09.867", "published": "2023-06-02T20:15:09.867",
"lastModified": "2024-11-21T08:05:58.180", "lastModified": "2025-01-08T20:15:26.130",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },
@ -45,6 +65,16 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2023/CVE-2023-344xx/CVE-2023-34408.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-34408", "id": "CVE-2023-34408",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-05T02:15:09.537", "published": "2023-06-05T02:15:09.537",
"lastModified": "2024-11-21T08:07:10.603", "lastModified": "2025-01-08T20:15:26.503",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
} }
], ],
"configurations": [ "configurations": [

71
CVE-2023/CVE-2023-477xx/CVE-2023-47710.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-47710", "id": "CVE-2023-47710",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-05-24T12:15:08.553", "published": "2024-05-24T12:15:08.553",
"lastModified": "2024-11-21T08:30:43.163", "lastModified": "2025-01-08T20:17:26.143",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },
@ -51,22 +71,61 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:security_guardium:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B9329F08-2AA4-4126-9A7F-1EEBB25A6C1C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:security_guardium:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B4F327AB-9F53-402C-9BFA-F66F20A83B40"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:security_guardium:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "58C5F3EF-C0F7-4CC9-9A31-5D0DDFA068F3"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/271525", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/271525",
"source": "psirt@us.ibm.com" "source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.ibm.com/support/pages/node/7154435", "url": "https://www.ibm.com/support/pages/node/7154435",
"source": "psirt@us.ibm.com" "source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/271525", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/271525",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.ibm.com/support/pages/node/7154435", "url": "https://www.ibm.com/support/pages/node/7154435",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

54
CVE-2024/CVE-2024-05xx/CVE-2024-0515.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0515", "id": "CVE-2024-0515",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-02-29T01:43:18.197", "published": "2024-02-29T01:43:18.197",
"lastModified": "2024-11-21T08:46:46.133", "lastModified": "2025-01-08T19:02:52.477",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -39,22 +39,64 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.88",
"matchCriteriaId": "93085B8A-2E52-4B61-A114-D7DD96727501"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3026824%40royal-elementor-addons%2Ftags%2F1.3.87&new=3032004%40royal-elementor-addons%2Ftags%2F1.3.88", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3026824%40royal-elementor-addons%2Ftags%2F1.3.87&new=3032004%40royal-elementor-addons%2Ftags%2F1.3.88",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a4178271-c09e-4094-a616-5a00d28f39a3?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a4178271-c09e-4094-a616-5a00d28f39a3?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3026824%40royal-elementor-addons%2Ftags%2F1.3.87&new=3032004%40royal-elementor-addons%2Ftags%2F1.3.88", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3026824%40royal-elementor-addons%2Ftags%2F1.3.87&new=3032004%40royal-elementor-addons%2Ftags%2F1.3.88",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a4178271-c09e-4094-a616-5a00d28f39a3?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a4178271-c09e-4094-a616-5a00d28f39a3?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

54
CVE-2024/CVE-2024-05xx/CVE-2024-0516.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0516", "id": "CVE-2024-0516",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-02-29T01:43:18.350", "published": "2024-02-29T01:43:18.350",
"lastModified": "2024-11-21T08:46:46.267", "lastModified": "2025-01-08T19:06:41.057",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -39,22 +39,64 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.88",
"matchCriteriaId": "93085B8A-2E52-4B61-A114-D7DD96727501"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3026824%40royal-elementor-addons%2Ftags%2F1.3.87&new=3032004%40royal-elementor-addons%2Ftags%2F1.3.88", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3026824%40royal-elementor-addons%2Ftags%2F1.3.87&new=3032004%40royal-elementor-addons%2Ftags%2F1.3.88",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d3457b87-c860-4cf2-ac3d-2c6521b629ea?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d3457b87-c860-4cf2-ac3d-2c6521b629ea?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3026824%40royal-elementor-addons%2Ftags%2F1.3.87&new=3032004%40royal-elementor-addons%2Ftags%2F1.3.88", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3026824%40royal-elementor-addons%2Ftags%2F1.3.87&new=3032004%40royal-elementor-addons%2Ftags%2F1.3.88",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d3457b87-c860-4cf2-ac3d-2c6521b629ea?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d3457b87-c860-4cf2-ac3d-2c6521b629ea?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

54
CVE-2024/CVE-2024-11xx/CVE-2024-1171.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1171", "id": "CVE-2024-1171",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-02-29T01:43:41.587", "published": "2024-02-29T01:43:41.587",
"lastModified": "2024-11-21T08:49:57.397", "lastModified": "2025-01-08T19:07:55.783",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -39,22 +39,64 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpdeveloper:essential_addons_for_elementor:*:*:*:*:lite:wordpress:*:*",
"versionEndExcluding": "5.9.9",
"matchCriteriaId": "B1DB6564-07FC-44EF-B4CD-54000424D5DD"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3034127/essential-addons-for-elementor-lite/trunk/includes/Elements/Filterable_Gallery.php", "url": "https://plugins.trac.wordpress.org/changeset/3034127/essential-addons-for-elementor-lite/trunk/includes/Elements/Filterable_Gallery.php",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fafdd087-9637-41df-bc5a-97e1a02ea744?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fafdd087-9637-41df-bc5a-97e1a02ea744?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3034127/essential-addons-for-elementor-lite/trunk/includes/Elements/Filterable_Gallery.php", "url": "https://plugins.trac.wordpress.org/changeset/3034127/essential-addons-for-elementor-lite/trunk/includes/Elements/Filterable_Gallery.php",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fafdd087-9637-41df-bc5a-97e1a02ea744?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fafdd087-9637-41df-bc5a-97e1a02ea744?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

74
CVE-2024/CVE-2024-11xx/CVE-2024-1172.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1172", "id": "CVE-2024-1172",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-02-29T01:43:41.740", "published": "2024-02-29T01:43:41.740",
"lastModified": "2024-11-21T08:49:57.517", "lastModified": "2025-01-08T19:08:16.787",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -39,38 +39,92 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpdeveloper:essential_addons_for_elementor:*:*:*:*:lite:wordpress:*:*",
"versionEndExcluding": "5.9.9",
"matchCriteriaId": "B1DB6564-07FC-44EF-B4CD-54000424D5DD"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/tags/5.9.7/includes/Elements/Adv_Accordion.php#L1227", "url": "https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/tags/5.9.7/includes/Elements/Adv_Accordion.php#L1227",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/tags/5.9.7/includes/Elements/Adv_Accordion.php#L1292", "url": "https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/tags/5.9.7/includes/Elements/Adv_Accordion.php#L1292",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3034127%40essential-addons-for-elementor-lite%2Ftrunk&old=3029928%40essential-addons-for-elementor-lite%2Ftrunk&sfp_email=&sfph_mail=", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3034127%40essential-addons-for-elementor-lite%2Ftrunk&old=3029928%40essential-addons-for-elementor-lite%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f2ff2cc6-b584-442b-890b-033a0a047c24?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f2ff2cc6-b584-442b-890b-033a0a047c24?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/tags/5.9.7/includes/Elements/Adv_Accordion.php#L1227", "url": "https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/tags/5.9.7/includes/Elements/Adv_Accordion.php#L1227",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/tags/5.9.7/includes/Elements/Adv_Accordion.php#L1292", "url": "https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/tags/5.9.7/includes/Elements/Adv_Accordion.php#L1292",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3034127%40essential-addons-for-elementor-lite%2Ftrunk&old=3029928%40essential-addons-for-elementor-lite%2Ftrunk&sfp_email=&sfph_mail=", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3034127%40essential-addons-for-elementor-lite%2Ftrunk&old=3029928%40essential-addons-for-elementor-lite%2Ftrunk&sfp_email=&sfph_mail=",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f2ff2cc6-b584-442b-890b-033a0a047c24?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f2ff2cc6-b584-442b-890b-033a0a047c24?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

74
CVE-2024/CVE-2024-12xx/CVE-2024-1236.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1236", "id": "CVE-2024-1236",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-02-29T01:43:44.513", "published": "2024-02-29T01:43:44.513",
"lastModified": "2024-11-21T08:50:07.797", "lastModified": "2025-01-08T19:08:56.023",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -39,38 +39,92 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpdeveloper:essential_addons_for_elementor:*:*:*:*:lite:wordpress:*:*",
"versionEndExcluding": "5.9.9",
"matchCriteriaId": "B1DB6564-07FC-44EF-B4CD-54000424D5DD"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/trunk/includes/Elements/Filterable_Gallery.php#L3259", "url": "https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/trunk/includes/Elements/Filterable_Gallery.php#L3259",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/trunk/includes/Elements/Filterable_Gallery.php#L3261", "url": "https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/trunk/includes/Elements/Filterable_Gallery.php#L3261",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3034127/essential-addons-for-elementor-lite/trunk/includes/Elements/Filterable_Gallery.php", "url": "https://plugins.trac.wordpress.org/changeset/3034127/essential-addons-for-elementor-lite/trunk/includes/Elements/Filterable_Gallery.php",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/43014ecd-72d9-44cc-be24-c0c9790ddc20?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/43014ecd-72d9-44cc-be24-c0c9790ddc20?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/trunk/includes/Elements/Filterable_Gallery.php#L3259", "url": "https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/trunk/includes/Elements/Filterable_Gallery.php#L3259",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/trunk/includes/Elements/Filterable_Gallery.php#L3261", "url": "https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/trunk/includes/Elements/Filterable_Gallery.php#L3261",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3034127/essential-addons-for-elementor-lite/trunk/includes/Elements/Filterable_Gallery.php", "url": "https://plugins.trac.wordpress.org/changeset/3034127/essential-addons-for-elementor-lite/trunk/includes/Elements/Filterable_Gallery.php",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/43014ecd-72d9-44cc-be24-c0c9790ddc20?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/43014ecd-72d9-44cc-be24-c0c9790ddc20?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

141
CVE-2024/CVE-2024-131xx/CVE-2024-13188.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2024-13188",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-01-08T19:15:30.840",
"lastModified": "2025-01-08T19:15:30.840",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. It has been rated as critical. Affected by this issue is some unknown functionality of the file /opt/MicroWorld/var/ of the component Installation Handler. The manipulation leads to incorrect default permissions. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 4.3,
"accessVector": "LOCAL",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 3.1,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-266"
},
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"references": [
{
"url": "https://github.com/hawkteam404/RnD_Public/blob/main/escan_incorrect_default_perm.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.290780",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.290780",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.468796",
"source": "cna@vuldb.com"
}
]
}

145
CVE-2024/CVE-2024-131xx/CVE-2024-13189.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2024-13189",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-01-08T20:15:27.353",
"lastModified": "2025-01-08T20:15:27.353",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in ZeroWdd myblog 1.0. This affects an unknown part of the file src/main/java/com/wdd/myblog/config/MyBlogMvcConfig.java. The manipulation leads to permission issues. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-266"
},
{
"lang": "en",
"value": "CWE-275"
}
]
}
],
"references": [
{
"url": "https://github.com/ZeroWdd/myblog/issues/1",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/ZeroWdd/myblog/issues/1#issue-2759828006",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.290781",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.290781",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.469223",
"source": "cna@vuldb.com"
}
]
}

54
CVE-2024/CVE-2024-15xx/CVE-2024-1537.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1537", "id": "CVE-2024-1537",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:24.440", "published": "2024-03-13T16:15:24.440",
"lastModified": "2024-11-21T08:50:46.897", "lastModified": "2025-01-08T19:09:15.633",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -39,22 +39,64 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpdeveloper:essential_addons_for_elementor:*:*:*:*:lite:wordpress:*:*",
"versionEndExcluding": "5.9.10",
"matchCriteriaId": "782C2137-4E65-42D7-8075-56AFC7F5C400"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3037755/essential-addons-for-elementor-lite/tags/5.9.10/includes/Elements/Data_Table.php", "url": "https://plugins.trac.wordpress.org/changeset/3037755/essential-addons-for-elementor-lite/tags/5.9.10/includes/Elements/Data_Table.php",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/81a48c61-4191-4252-9230-9df8fc5e3443?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/81a48c61-4191-4252-9230-9df8fc5e3443?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3037755/essential-addons-for-elementor-lite/tags/5.9.10/includes/Elements/Data_Table.php", "url": "https://plugins.trac.wordpress.org/changeset/3037755/essential-addons-for-elementor-lite/tags/5.9.10/includes/Elements/Data_Table.php",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/81a48c61-4191-4252-9230-9df8fc5e3443?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/81a48c61-4191-4252-9230-9df8fc5e3443?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

94
CVE-2024/CVE-2024-15xx/CVE-2024-1567.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1567", "id": "CVE-2024-1567",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-05-02T17:15:11.603", "published": "2024-05-02T17:15:11.603",
"lastModified": "2024-11-21T08:50:51.123", "lastModified": "2025-01-08T20:47:46.820",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,41 +36,115 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 4.2 "impactScore": 4.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.95",
"matchCriteriaId": "07B036E4-FDC2-422E-97F9-3AE8604F4569"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/browser/royal-elementor-addons/tags/1.3.89/classes/modules/forms/wpr-file-upload.php#L105", "url": "https://plugins.trac.wordpress.org/browser/royal-elementor-addons/tags/1.3.89/classes/modules/forms/wpr-file-upload.php#L105",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/browser/royal-elementor-addons/tags/1.3.90/classes/modules/forms/wpr-file-upload.php", "url": "https://plugins.trac.wordpress.org/browser/royal-elementor-addons/tags/1.3.90/classes/modules/forms/wpr-file-upload.php",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3056612/royal-elementor-addons/tags/1.3.95/classes/modules/forms/wpr-file-upload.php?old=3055840&old_path=royal-elementor-addons%2Ftags%2F1.3.94%2Fclasses%2Fmodules%2Fforms%2Fwpr-file-upload.php", "url": "https://plugins.trac.wordpress.org/changeset/3056612/royal-elementor-addons/tags/1.3.95/classes/modules/forms/wpr-file-upload.php?old=3055840&old_path=royal-elementor-addons%2Ftags%2F1.3.94%2Fclasses%2Fmodules%2Fforms%2Fwpr-file-upload.php",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7a04705d-cd17-4b4b-b04d-de55d6479dab?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7a04705d-cd17-4b4b-b04d-de55d6479dab?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/browser/royal-elementor-addons/tags/1.3.89/classes/modules/forms/wpr-file-upload.php#L105", "url": "https://plugins.trac.wordpress.org/browser/royal-elementor-addons/tags/1.3.89/classes/modules/forms/wpr-file-upload.php#L105",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/browser/royal-elementor-addons/tags/1.3.90/classes/modules/forms/wpr-file-upload.php", "url": "https://plugins.trac.wordpress.org/browser/royal-elementor-addons/tags/1.3.90/classes/modules/forms/wpr-file-upload.php",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3056612/royal-elementor-addons/tags/1.3.95/classes/modules/forms/wpr-file-upload.php?old=3055840&old_path=royal-elementor-addons%2Ftags%2F1.3.94%2Fclasses%2Fmodules%2Fforms%2Fwpr-file-upload.php", "url": "https://plugins.trac.wordpress.org/changeset/3056612/royal-elementor-addons/tags/1.3.95/classes/modules/forms/wpr-file-upload.php?old=3055840&old_path=royal-elementor-addons%2Ftags%2F1.3.94%2Fclasses%2Fmodules%2Fforms%2Fwpr-file-upload.php",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7a04705d-cd17-4b4b-b04d-de55d6479dab?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7a04705d-cd17-4b4b-b04d-de55d6479dab?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

64
CVE-2024/CVE-2024-26xx/CVE-2024-2623.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2623", "id": "CVE-2024-2623",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:35.610", "published": "2024-04-09T19:15:35.610",
"lastModified": "2024-11-21T09:10:09.310", "lastModified": "2025-01-08T20:15:47.823",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -39,30 +39,78 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpdeveloper:essential_addons_for_elementor:*:*:*:*:lite:wordpress:*:*",
"versionEndExcluding": "5.9.12",
"matchCriteriaId": "B698D62F-C0EA-4A8D-AAB7-3CF512893CD9"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/browser/assets/front-end/js/view/count-down.js", "url": "https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/browser/assets/front-end/js/view/count-down.js",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3058018%40essential-addons-for-elementor-lite%2Ftrunk&old=3050196%40essential-addons-for-elementor-lite%2Ftrunk&sfp_email=&sfph_mail=", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3058018%40essential-addons-for-elementor-lite%2Ftrunk&old=3050196%40essential-addons-for-elementor-lite%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/baa92aee-a0a0-45d4-aa12-1449a829930c?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/baa92aee-a0a0-45d4-aa12-1449a829930c?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/browser/assets/front-end/js/view/count-down.js", "url": "https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/browser/assets/front-end/js/view/count-down.js",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3058018%40essential-addons-for-elementor-lite%2Ftrunk&old=3050196%40essential-addons-for-elementor-lite%2Ftrunk&sfp_email=&sfph_mail=", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3058018%40essential-addons-for-elementor-lite%2Ftrunk&old=3050196%40essential-addons-for-elementor-lite%2Ftrunk&sfp_email=&sfph_mail=",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/baa92aee-a0a0-45d4-aa12-1449a829930c?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/baa92aee-a0a0-45d4-aa12-1449a829930c?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

54
CVE-2024/CVE-2024-26xx/CVE-2024-2650.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2650", "id": "CVE-2024-2650",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:35.780", "published": "2024-04-09T19:15:35.780",
"lastModified": "2024-11-21T09:10:12.913", "lastModified": "2025-01-08T20:06:29.560",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -39,22 +39,64 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpdeveloper:essential_addons_for_elementor:*:*:*:*:lite:wordpress:*:*",
"versionEndExcluding": "5.9.11",
"matchCriteriaId": "7C5C8823-28E1-4B98-B9F5-36317CF9129E"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3058018%40essential-addons-for-elementor-lite%2Ftrunk&old=3050196%40essential-addons-for-elementor-lite%2Ftrunk&sfp_email=&sfph_mail=", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3058018%40essential-addons-for-elementor-lite%2Ftrunk&old=3050196%40essential-addons-for-elementor-lite%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7242d808-9c33-4b3f-bda6-b4b72ca37de9?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7242d808-9c33-4b3f-bda6-b4b72ca37de9?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3058018%40essential-addons-for-elementor-lite%2Ftrunk&old=3050196%40essential-addons-for-elementor-lite%2Ftrunk&sfp_email=&sfph_mail=", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3058018%40essential-addons-for-elementor-lite%2Ftrunk&old=3050196%40essential-addons-for-elementor-lite%2Ftrunk&sfp_email=&sfph_mail=",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7242d808-9c33-4b3f-bda6-b4b72ca37de9?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7242d808-9c33-4b3f-bda6-b4b72ca37de9?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

54
CVE-2024/CVE-2024-26xx/CVE-2024-2664.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2664", "id": "CVE-2024-2664",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-04-10T04:15:08.697", "published": "2024-04-10T04:15:08.697",
"lastModified": "2024-11-21T09:10:14.517", "lastModified": "2025-01-08T20:05:38.290",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -39,22 +39,64 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:leap13:premium_addons_for_elementor:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.10.25",
"matchCriteriaId": "8300B369-5AD5-4B43-B619-CCC50361C809"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3055384%40premium-addons-for-elementor&new=3055384%40premium-addons-for-elementor&sfp_email=&sfph_mail=", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3055384%40premium-addons-for-elementor&new=3055384%40premium-addons-for-elementor&sfp_email=&sfph_mail=",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ccb7e94c-385e-4ce9-acfa-978403047159?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ccb7e94c-385e-4ce9-acfa-978403047159?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3055384%40premium-addons-for-elementor&new=3055384%40premium-addons-for-elementor&sfp_email=&sfph_mail=", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3055384%40premium-addons-for-elementor&new=3055384%40premium-addons-for-elementor&sfp_email=&sfph_mail=",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ccb7e94c-385e-4ce9-acfa-978403047159?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ccb7e94c-385e-4ce9-acfa-978403047159?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

54
CVE-2024/CVE-2024-26xx/CVE-2024-2665.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2665", "id": "CVE-2024-2665",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-04-10T04:15:09.023", "published": "2024-04-10T04:15:09.023",
"lastModified": "2024-11-21T09:10:14.640", "lastModified": "2025-01-08T20:05:50.257",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -39,22 +39,64 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:leap13:premium_addons_for_elementor:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.10.28",
"matchCriteriaId": "C3038B59-D841-48B4-AE59-59387CAAA2FD"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3066988%40premium-addons-for-elementor&new=3066988%40premium-addons-for-elementor&sfp_email=&sfph_mail=", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3066988%40premium-addons-for-elementor&new=3066988%40premium-addons-for-elementor&sfp_email=&sfph_mail=",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cab56873-f79c-4fd2-8d40-ee4a338cbe8b?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cab56873-f79c-4fd2-8d40-ee4a338cbe8b?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3066988%40premium-addons-for-elementor&new=3066988%40premium-addons-for-elementor&sfp_email=&sfph_mail=", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3066988%40premium-addons-for-elementor&new=3066988%40premium-addons-for-elementor&sfp_email=&sfph_mail=",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cab56873-f79c-4fd2-8d40-ee4a338cbe8b?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cab56873-f79c-4fd2-8d40-ee4a338cbe8b?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

54
CVE-2024/CVE-2024-26xx/CVE-2024-2666.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2666", "id": "CVE-2024-2666",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-04-10T04:15:09.327", "published": "2024-04-10T04:15:09.327",
"lastModified": "2024-11-21T09:10:14.760", "lastModified": "2025-01-08T19:47:15.707",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -39,22 +39,64 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:leap13:premium_addons_for_elementor:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.10.25",
"matchCriteriaId": "8300B369-5AD5-4B43-B619-CCC50361C809"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3055384%40premium-addons-for-elementor&new=3055384%40premium-addons-for-elementor&sfp_email=&sfph_mail=", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3055384%40premium-addons-for-elementor&new=3055384%40premium-addons-for-elementor&sfp_email=&sfph_mail=",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/18b2d99a-f55c-4a05-8442-e1fddd59181f?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/18b2d99a-f55c-4a05-8442-e1fddd59181f?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3055384%40premium-addons-for-elementor&new=3055384%40premium-addons-for-elementor&sfp_email=&sfph_mail=", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3055384%40premium-addons-for-elementor&new=3055384%40premium-addons-for-elementor&sfp_email=&sfph_mail=",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/18b2d99a-f55c-4a05-8442-e1fddd59181f?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/18b2d99a-f55c-4a05-8442-e1fddd59181f?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

54
CVE-2024/CVE-2024-29xx/CVE-2024-2974.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2974", "id": "CVE-2024-2974",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:38.817", "published": "2024-04-09T19:15:38.817",
"lastModified": "2024-11-21T09:10:57.973", "lastModified": "2025-01-08T20:06:14.587",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -39,22 +39,64 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-922"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpdeveloper:essential_addons_for_elementor:*:*:*:*:lite:wordpress:*:*",
"versionEndExcluding": "5.9.14",
"matchCriteriaId": "39C899E2-8FEE-4DC2-9E2B-777566B719CC"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3060417/essential-addons-for-elementor-lite/tags/5.9.14/includes/Traits/Ajax_Handler.php", "url": "https://plugins.trac.wordpress.org/changeset/3060417/essential-addons-for-elementor-lite/tags/5.9.14/includes/Traits/Ajax_Handler.php",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/78f96d7f-aeca-4959-9573-0fb6402de007?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/78f96d7f-aeca-4959-9573-0fb6402de007?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3060417/essential-addons-for-elementor-lite/tags/5.9.14/includes/Traits/Ajax_Handler.php", "url": "https://plugins.trac.wordpress.org/changeset/3060417/essential-addons-for-elementor-lite/tags/5.9.14/includes/Traits/Ajax_Handler.php",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/78f96d7f-aeca-4959-9573-0fb6402de007?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/78f96d7f-aeca-4959-9573-0fb6402de007?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

42
CVE-2024/CVE-2024-300xx/CVE-2024-30041.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-30041", "id": "CVE-2024-30041",
"sourceIdentifier": "secure@microsoft.com", "sourceIdentifier": "secure@microsoft.com",
"published": "2024-05-14T17:17:13.333", "published": "2024-05-14T17:17:13.333",
"lastModified": "2024-11-21T09:11:07.513", "lastModified": "2025-01-08T19:13:10.127",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -49,16 +49,50 @@
"value": "CWE-693" "value": "CWE-693"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:bing_search:*:*:*:*:*:iphone_os:*:*",
"versionEndExcluding": "28.2.420417001",
"matchCriteriaId": "0C0D6D24-6FB4-4A7E-8566-4DC4FE2E7D20"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30041", "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30041",
"source": "secure@microsoft.com" "source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30041", "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30041",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

62
CVE-2024/CVE-2024-300xx/CVE-2024-30056.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-30056", "id": "CVE-2024-30056",
"sourceIdentifier": "secure@microsoft.com", "sourceIdentifier": "secure@microsoft.com",
"published": "2024-05-25T18:15:13.347", "published": "2024-05-25T18:15:13.347",
"lastModified": "2024-11-21T09:11:09.417", "lastModified": "2025-01-08T20:20:05.590",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 4.2 "impactScore": 4.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
} }
] ]
}, },
@ -49,16 +69,50 @@
"value": "CWE-359" "value": "CWE-359"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "124.0.2478.109",
"matchCriteriaId": "88A05EEC-C172-45F7-ADD7-4A60C499AC8B"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30056", "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30056",
"source": "secure@microsoft.com" "source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30056", "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30056",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

54
CVE-2024/CVE-2024-30xx/CVE-2024-3018.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3018", "id": "CVE-2024-3018",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-03-30T12:15:07.543", "published": "2024-03-30T12:15:07.543",
"lastModified": "2024-11-21T09:28:41.610", "lastModified": "2025-01-08T19:35:58.073",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -39,22 +39,64 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpdeveloper:essential_addons_for_elementor:*:*:*:*:lite:wordpress:*:*",
"versionEndExcluding": "5.9.14",
"matchCriteriaId": "39C899E2-8FEE-4DC2-9E2B-777566B719CC"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3060417/essential-addons-for-elementor-lite", "url": "https://plugins.trac.wordpress.org/changeset/3060417/essential-addons-for-elementor-lite",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/342049e5-834e-4867-8174-01ca7bb0caa2?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/342049e5-834e-4867-8174-01ca7bb0caa2?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3060417/essential-addons-for-elementor-lite", "url": "https://plugins.trac.wordpress.org/changeset/3060417/essential-addons-for-elementor-lite",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/342049e5-834e-4867-8174-01ca7bb0caa2?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/342049e5-834e-4867-8174-01ca7bb0caa2?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

77
CVE-2024/CVE-2024-318xx/CVE-2024-31894.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-31894", "id": "CVE-2024-31894",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-05-22T20:15:09.260", "published": "2024-05-22T20:15:09.260",
"lastModified": "2024-11-21T09:14:05.810", "lastModified": "2025-01-08T19:58:17.603",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
} }
] ]
}, },
@ -49,24 +69,69 @@
"value": "CWE-324" "value": "CWE-324"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-672"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0.1.0",
"versionEndExcluding": "12.0.12.2",
"matchCriteriaId": "C00FDFA6-B48D-4308-891D-54213C436685"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/288175", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/288175",
"source": "psirt@us.ibm.com" "source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.ibm.com/support/pages/node/7154606", "url": "https://www.ibm.com/support/pages/node/7154606",
"source": "psirt@us.ibm.com" "source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}, },
{ {
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/288175", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/288175",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.ibm.com/support/pages/node/7154606", "url": "https://www.ibm.com/support/pages/node/7154606",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
} }
] ]
} }

77
CVE-2024/CVE-2024-318xx/CVE-2024-31895.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-31895", "id": "CVE-2024-31895",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-05-22T20:15:09.480", "published": "2024-05-22T20:15:09.480",
"lastModified": "2024-11-21T09:14:05.943", "lastModified": "2025-01-08T20:03:38.133",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
} }
] ]
}, },
@ -49,24 +69,69 @@
"value": "CWE-324" "value": "CWE-324"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-672"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0.1.0",
"versionEndExcluding": "12.0.12.2",
"matchCriteriaId": "C00FDFA6-B48D-4308-891D-54213C436685"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/288176", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/288176",
"source": "psirt@us.ibm.com" "source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.ibm.com/support/pages/node/7154606", "url": "https://www.ibm.com/support/pages/node/7154606",
"source": "psirt@us.ibm.com" "source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}, },
{ {
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/288176", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/288176",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.ibm.com/support/pages/node/7154606", "url": "https://www.ibm.com/support/pages/node/7154606",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
} }
] ]
} }

54
CVE-2024/CVE-2024-33xx/CVE-2024-3333.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3333", "id": "CVE-2024-3333",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-04-17T12:15:07.470", "published": "2024-04-17T12:15:07.470",
"lastModified": "2024-11-21T09:29:24.470", "lastModified": "2025-01-08T19:43:24.987",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -39,22 +39,64 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpdeveloper:essential_addons_for_elementor:*:*:*:*:lite:wordpress:*:*",
"versionEndExcluding": "5.9.15",
"matchCriteriaId": "6DC1E40F-9268-472C-92FC-A4CAFDDCEECA"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3067596/essential-addons-for-elementor-lite", "url": "https://plugins.trac.wordpress.org/changeset/3067596/essential-addons-for-elementor-lite",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/aa5bdaf9-fbde-40d4-a72a-fd24489818b3?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/aa5bdaf9-fbde-40d4-a72a-fd24489818b3?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3067596/essential-addons-for-elementor-lite", "url": "https://plugins.trac.wordpress.org/changeset/3067596/essential-addons-for-elementor-lite",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/aa5bdaf9-fbde-40d4-a72a-fd24489818b3?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/aa5bdaf9-fbde-40d4-a72a-fd24489818b3?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

67
CVE-2024/CVE-2024-381xx/CVE-2024-38163.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-38163", "id": "CVE-2024-38163",
"sourceIdentifier": "secure@microsoft.com", "sourceIdentifier": "secure@microsoft.com",
"published": "2024-08-14T00:15:07.453", "published": "2024-08-14T00:15:07.453",
"lastModified": "2024-08-14T02:07:05.410", "lastModified": "2025-01-08T20:50:00.877",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -49,12 +49,73 @@
"value": "CWE-284" "value": "CWE-284"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19041.3920",
"matchCriteriaId": "0EB7F898-3D42-4871-A446-4E4073E69E3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19041.3920",
"matchCriteriaId": "0A2F122C-103A-4F25-85B9-8D59CE6979F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19041.3920",
"matchCriteriaId": "8A9B5508-9077-47F7-A88C-AB533A9C4076"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19041.3920",
"matchCriteriaId": "08F5A8E0-BA79-49DB-8D78-DC9D0ABE7B6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.2710",
"matchCriteriaId": "BB732854-10FC-444C-ABF9-406E958D0260"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.2201",
"matchCriteriaId": "467DB312-9F87-4AAA-A0FC-537F76F38CB1"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38163", "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38163",
"source": "secure@microsoft.com" "source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

57
CVE-2024/CVE-2024-382xx/CVE-2024-38218.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-38218", "id": "CVE-2024-38218",
"sourceIdentifier": "secure@microsoft.com", "sourceIdentifier": "secure@microsoft.com",
"published": "2024-08-12T13:38:23.933", "published": "2024-08-12T13:38:23.933",
"lastModified": "2024-08-13T18:15:31.500", "lastModified": "2025-01-08T20:58:28.473",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.5, "exploitabilityScore": 2.5,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
} }
] ]
}, },
@ -50,6 +70,16 @@
} }
] ]
}, },
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{ {
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary", "type": "Secondary",
@ -61,10 +91,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "127.0.2651.98",
"matchCriteriaId": "67F69852-AA3E-42A9-B482-F4F2A48B998E"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38218", "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38218",
"source": "secure@microsoft.com" "source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

47
CVE-2024/CVE-2024-404xx/CVE-2024-40427.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-40427", "id": "CVE-2024-40427",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-01-07T19:15:32.260", "published": "2025-01-07T19:15:32.260",
"lastModified": "2025-01-07T19:15:32.260", "lastModified": "2025-01-08T19:15:31.043",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Stack Buffer Overflow in PX4-Autopilot v1.14.3, which allows attackers to execute commands to exploit this vulnerability and cause the program to refuse to execute" "value": "Stack Buffer Overflow in PX4-Autopilot v1.14.3, which allows attackers to execute commands to exploit this vulnerability and cause the program to refuse to execute"
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer de pila en PX4-Autopilot v1.14.3, que permite a los atacantes ejecutar comandos para explotar esta vulnerabilidad y hacer que el programa se niegue a ejecutarse"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:H",
"baseScore": 7.9,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.5,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
} }
], ],
"metrics": {},
"references": [ "references": [
{ {
"url": "https://github.com/PX4/PX4-Autopilot/commit/e03e0261a1a0c82f545e66a1e3795956c886db71", "url": "https://github.com/PX4/PX4-Autopilot/commit/e03e0261a1a0c82f545e66a1e3795956c886db71",
@ -20,6 +59,10 @@
{ {
"url": "https://github.com/PX4/PX4-Autopilot/security/advisories/GHSA-55wq-2hgm-75m4", "url": "https://github.com/PX4/PX4-Autopilot/security/advisories/GHSA-55wq-2hgm-75m4",
"source": "cve@mitre.org" "source": "cve@mitre.org"
},
{
"url": "https://github.com/PX4/PX4-Autopilot/security/advisories/GHSA-55wq-2hgm-75m4",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
} }
] ]
} }

57
CVE-2024/CVE-2024-417xx/CVE-2024-41713.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41713", "id": "CVE-2024-41713",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-10-21T21:15:06.470", "published": "2024-10-21T21:15:06.470",
"lastModified": "2025-01-08T02:00:01.937", "lastModified": "2025-01-08T20:31:25.237",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -17,6 +17,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
},
{ {
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary", "type": "Secondary",
@ -44,6 +64,16 @@
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Mitel MiCollab Path Traversal Vulnerability", "cisaVulnerabilityName": "Mitel MiCollab Path Traversal Vulnerability",
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{ {
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary", "type": "Secondary",
@ -55,10 +85,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mitel:micollab:*:*:*:*:*:-:*:*",
"versionEndIncluding": "9.8.1.201",
"matchCriteriaId": "0C99C6FC-75C9-4886-ACF0-997A750E10F0"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2024-0029", "url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2024-0029",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

65
CVE-2024/CVE-2024-424xx/CVE-2024-42426.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-42426", "id": "CVE-2024-42426",
"sourceIdentifier": "security_alert@emc.com", "sourceIdentifier": "security_alert@emc.com",
"published": "2024-12-09T15:15:15.450", "published": "2024-12-09T15:15:15.450",
"lastModified": "2024-12-09T15:15:15.450", "lastModified": "2025-01-08T20:06:04.867",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,25 +36,82 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
} }
] ]
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "security_alert@emc.com", "source": "security_alert@emc.com",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
"value": "CWE-400" "value": "CWE-400"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:powerscale_onefs:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.5.0.0",
"versionEndExcluding": "9.7.1.3",
"matchCriteriaId": "CF71E55E-E879-41BC-A5C1-635C2732C28B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:powerscale_onefs:9.8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8B26C94F-8198-4439-BE83-F01232D2B1B0"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://www.dell.com/support/kbdoc/en-in/000256645/dsa-2024-453-security-update-for-dell-powerscale-onefs-multiple-security-vulnerabilities", "url": "https://www.dell.com/support/kbdoc/en-in/000256645/dsa-2024-453-security-update-for-dell-powerscale-onefs-multiple-security-vulnerabilities",
"source": "security_alert@emc.com" "source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

94
CVE-2024/CVE-2024-43xx/CVE-2024-4378.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-4378", "id": "CVE-2024-4378",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-05-23T11:15:24.243", "published": "2024-05-23T11:15:24.243",
"lastModified": "2024-11-21T09:42:43.957", "lastModified": "2025-01-08T20:07:57.800",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,41 +36,115 @@
}, },
"exploitabilityScore": 3.1, "exploitabilityScore": 3.1,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:leap13:premium_addons_for_elementor:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.10.32",
"matchCriteriaId": "D1485AD4-5C0F-43FA-806C-50CE817DB90C"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/trunk/includes/pa-nav-menu-walker.php#L394", "url": "https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/trunk/includes/pa-nav-menu-walker.php#L394",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/trunk/modules/premium-shape-divider/module.php#L1047", "url": "https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/trunk/modules/premium-shape-divider/module.php#L1047",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3090037", "url": "https://plugins.trac.wordpress.org/changeset/3090037",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f891a6c8-3d06-432e-8651-bb689015af1c?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f891a6c8-3d06-432e-8651-bb689015af1c?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/trunk/includes/pa-nav-menu-walker.php#L394", "url": "https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/trunk/includes/pa-nav-menu-walker.php#L394",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/trunk/modules/premium-shape-divider/module.php#L1047", "url": "https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/trunk/modules/premium-shape-divider/module.php#L1047",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3090037", "url": "https://plugins.trac.wordpress.org/changeset/3090037",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f891a6c8-3d06-432e-8651-bb689015af1c?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f891a6c8-3d06-432e-8651-bb689015af1c?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

16
CVE-2024/CVE-2024-453xx/CVE-2024-45342.json Normal file
View File

@ -0,0 +1,16 @@
{
"id": "CVE-2024-45342",
"sourceIdentifier": "security@golang.org",
"published": "2025-01-08T20:15:27.583",
"lastModified": "2025-01-08T20:15:27.583",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rejected reason: reserved but not needed"
}
],
"metrics": {},
"references": []
}

16
CVE-2024/CVE-2024-453xx/CVE-2024-45343.json Normal file
View File

@ -0,0 +1,16 @@
{
"id": "CVE-2024-45343",
"sourceIdentifier": "security@golang.org",
"published": "2025-01-08T20:15:27.690",
"lastModified": "2025-01-08T20:15:27.690",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rejected reason: reserved but not needed"
}
],
"metrics": {},
"references": []
}

16
CVE-2024/CVE-2024-453xx/CVE-2024-45344.json Normal file
View File

@ -0,0 +1,16 @@
{
"id": "CVE-2024-45344",
"sourceIdentifier": "security@golang.org",
"published": "2025-01-08T20:15:27.753",
"lastModified": "2025-01-08T20:15:27.753",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rejected reason: reserved but not needed"
}
],
"metrics": {},
"references": []
}

16
CVE-2024/CVE-2024-453xx/CVE-2024-45345.json Normal file
View File

@ -0,0 +1,16 @@
{
"id": "CVE-2024-45345",
"sourceIdentifier": "security@golang.org",
"published": "2025-01-08T20:15:27.843",
"lastModified": "2025-01-08T20:15:27.843",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rejected reason: reserved but not needed"
}
],
"metrics": {},
"references": []
}

72
CVE-2024/CVE-2024-45xx/CVE-2024-4563.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-4563", "id": "CVE-2024-4563",
"sourceIdentifier": "security@progress.com", "sourceIdentifier": "security@progress.com",
"published": "2024-05-22T17:16:15.730", "published": "2024-05-22T17:16:15.730",
"lastModified": "2024-11-21T09:43:06.930", "lastModified": "2025-01-08T19:51:35.093",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.6, "exploitabilityScore": 1.6,
"impactScore": 4.0 "impactScore": 4.0
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -49,24 +69,64 @@
"value": "CWE-327" "value": "CWE-327"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:progress:moveit_automation:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2024.0.0",
"matchCriteriaId": "82D5B62F-3826-4F9F-A30E-1CF59F818505"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://community.progress.com/s/article/MOVEit-Automation-Vulnerability-CVE-2024-4563-May-22-2024", "url": "https://community.progress.com/s/article/MOVEit-Automation-Vulnerability-CVE-2024-4563-May-22-2024",
"source": "security@progress.com" "source": "security@progress.com",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.progress.com/moveit", "url": "https://www.progress.com/moveit",
"source": "security@progress.com" "source": "security@progress.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://community.progress.com/s/article/MOVEit-Automation-Vulnerability-CVE-2024-4563-May-22-2024", "url": "https://community.progress.com/s/article/MOVEit-Automation-Vulnerability-CVE-2024-4563-May-22-2024",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.progress.com/moveit", "url": "https://www.progress.com/moveit",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
} }
] ]
} }

45
CVE-2024/CVE-2024-466xx/CVE-2024-46601.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-46601", "id": "CVE-2024-46601",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-01-07T16:15:34.087", "published": "2025-01-07T16:15:34.087",
"lastModified": "2025-01-07T16:15:34.087", "lastModified": "2025-01-08T20:15:27.920",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Elspec Engineering G5 Digital Fault Recorder Firmware v1.2.1.12 was discovered to contain a buffer overflow." "value": "Elspec Engineering G5 Digital Fault Recorder Firmware v1.2.1.12 was discovered to contain a buffer overflow."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que Elspec Engineering G5 Digital Fault Recorder Firmware v1.2.1.12 conten\u00eda un desbordamiento de b\u00fafer."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
} }
], ],
"metrics": {},
"references": [ "references": [
{ {
"url": "http://elspec.com", "url": "http://elspec.com",

74
CVE-2024/CVE-2024-49xx/CVE-2024-4971.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-4971", "id": "CVE-2024-4971",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-05-22T06:15:14.637", "published": "2024-05-22T06:15:14.637",
"lastModified": "2024-11-21T09:43:58.747", "lastModified": "2025-01-08T19:28:26.847",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,25 +36,87 @@
}, },
"exploitabilityScore": 3.1, "exploitabilityScore": 3.1,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:thimpress:learnpress:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.2.6.7",
"matchCriteriaId": "F9332529-AAD2-4164-8A85-A594B4299A3F"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://wordpress.org/plugins/learnpress/#developers", "url": "https://wordpress.org/plugins/learnpress/#developers",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/10b08a05-3561-4d05-985b-6a2339a547a7?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/10b08a05-3561-4d05-985b-6a2339a547a7?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://wordpress.org/plugins/learnpress/#developers", "url": "https://wordpress.org/plugins/learnpress/#developers",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/10b08a05-3561-4d05-985b-6a2339a547a7?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/10b08a05-3561-4d05-985b-6a2339a547a7?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

41
CVE-2024/CVE-2024-514xx/CVE-2024-51442.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-51442", "id": "CVE-2024-51442",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-01-08T18:15:16.650", "published": "2025-01-08T18:15:16.650",
"lastModified": "2025-01-08T18:15:16.650", "lastModified": "2025-01-08T20:15:28.137",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -11,7 +11,42 @@
"value": "Command Injection in Minidlna version v1.3.3 and before allows an attacker to execute arbitrary OS commands via a specially crafted minidlna.conf configuration file." "value": "Command Injection in Minidlna version v1.3.3 and before allows an attacker to execute arbitrary OS commands via a specially crafted minidlna.conf configuration file."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/mselbrede/CVE-2024-51442", "url": "https://github.com/mselbrede/CVE-2024-51442",

33
CVE-2024/CVE-2024-535xx/CVE-2024-53526.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-53526",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-08T19:15:37.753",
"lastModified": "2025-01-08T19:15:37.753",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "composio >=0.5.40 is vulnerable to Command Execution in composio_openai, composio_claude, and composio_julep via the handle_tool_calls function."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/ComposioHQ/composio/blob/11ee7470aa6543097ee30bb036af8e9726dc7a85/python/plugins/claude/composio_claude/toolset.py#L156",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/ComposioHQ/composio/blob/11ee7470aa6543097ee30bb036af8e9726dc7a85/python/plugins/julep/composio_julep/toolset.py#L21",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/ComposioHQ/composio/blob/11ee7470aa6543097ee30bb036af8e9726dc7a85/python/plugins/openai/composio_openai/toolset.py#L184",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/ComposioHQ/composio/issues/1073",
"source": "cve@mitre.org"
}
]
}

43
CVE-2024/CVE-2024-535xx/CVE-2024-53564.json
View File

@ -2,13 +2,20 @@
"id": "CVE-2024-53564", "id": "CVE-2024-53564",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-12-02T18:15:11.353", "published": "2024-12-02T18:15:11.353",
"lastModified": "2024-12-03T21:15:07.807", "lastModified": "2025-01-08T19:15:38.050",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A serious vulnerability was discovered in FreePBX 17.0.19.17. FreePBX does not verify the type of uploaded files and does not restrict user access paths, allowing attackers to remotely control the FreePBX server by uploading malicious files with malicious content and accessing the default directory where the files are uploaded. This will result in particularly serious consequences." "value": "A vulnerability was discovered in FreePBX 17.0.19.17. It does not verify the type of uploaded (valid FreePBX module) files, allowing high-privilege administrators to insert unwanted files. NOTE: the Supplier's position is that there is no risk beyond what high-privilege administrators are intentionally allowed to do."
}, },
{ {
"lang": "es", "lang": "es",
@ -17,6 +24,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 2.2,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.7,
"impactScore": 1.4
},
{ {
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary", "type": "Secondary",
@ -40,6 +67,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
},
{ {
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary", "type": "Secondary",

60
CVE-2024/CVE-2024-548xx/CVE-2024-54818.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-54818",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-08T19:15:38.290",
"lastModified": "2025-01-08T20:15:28.303",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SourceCodester Computer Laboratory Management System 1.0 is vulnerable to Incorrect Access Control. via /php-lms/admin/?page=user/list."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-281"
}
]
}
],
"references": [
{
"url": "https://github.com/CloseC4ll/vulnerability-research/tree/main/CVE-2024-54818",
"source": "cve@mitre.org"
},
{
"url": "https://portswigger.net/web-security/access-control#how-to-prevent-access-control-vulnerabilities",
"source": "cve@mitre.org"
}
]
}

49
CVE-2024/CVE-2024-550xx/CVE-2024-55008.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-55008", "id": "CVE-2024-55008",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-01-07T16:15:36.337", "published": "2025-01-07T16:15:36.337",
"lastModified": "2025-01-07T16:15:36.337", "lastModified": "2025-01-08T20:15:28.467",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "JATOS 3.9.4 contains a denial-of-service (DoS) vulnerability in the authentication system, where an attacker can prevent legitimate users from accessing their accounts by repeatedly sending multiple failed login attempts. Specifically, by submitting 3 incorrect login attempts every minute, the attacker can trigger the account lockout mechanism on the account level, effectively locking the user out indefinitely. Since the lockout is applied to the user account and not based on the IP address, any attacker can trigger the lockout on any user account, regardless of their privileges." "value": "JATOS 3.9.4 contains a denial-of-service (DoS) vulnerability in the authentication system, where an attacker can prevent legitimate users from accessing their accounts by repeatedly sending multiple failed login attempts. Specifically, by submitting 3 incorrect login attempts every minute, the attacker can trigger the account lockout mechanism on the account level, effectively locking the user out indefinitely. Since the lockout is applied to the user account and not based on the IP address, any attacker can trigger the lockout on any user account, regardless of their privileges."
},
{
"lang": "es",
"value": "JATOS 3.9.4 contiene una vulnerabilidad de denegaci\u00f3n de servicio (DoS) en el sistema de autenticaci\u00f3n, donde un atacante puede evitar que usuarios leg\u00edtimos accedan a sus cuentas al enviar repetidamente m\u00faltiples intentos de inicio de sesi\u00f3n fallidos. En concreto, al enviar 3 intentos de inicio de sesi\u00f3n incorrectos cada minuto, el atacante puede activar el mecanismo de bloqueo de cuenta a nivel de cuenta, bloqueando efectivamente al usuario de forma indefinida. Dado que el bloqueo se aplica a la cuenta de usuario y no se basa en la direcci\u00f3n IP, cualquier atacante puede activar el bloqueo en cualquier cuenta de usuario, independientemente de sus privilegios."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-307"
}
]
} }
], ],
"metrics": {},
"references": [ "references": [
{ {
"url": "http://jatos.com", "url": "http://jatos.com",
@ -20,6 +59,10 @@
{ {
"url": "https://hacking-notes.medium.com/cve-2024-51379-jatos-v3-9-4-account-lockout-denial-of-service-cc970f4ca58f", "url": "https://hacking-notes.medium.com/cve-2024-51379-jatos-v3-9-4-account-lockout-denial-of-service-cc970f4ca58f",
"source": "cve@mitre.org" "source": "cve@mitre.org"
},
{
"url": "https://hacking-notes.medium.com/cve-2024-51379-jatos-v3-9-4-account-lockout-denial-of-service-cc970f4ca58f",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
} }
] ]
} }

45
CVE-2024/CVE-2024-554xx/CVE-2024-55411.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-55411", "id": "CVE-2024-55411",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-01-07T18:15:20.543", "published": "2025-01-07T18:15:20.543",
"lastModified": "2025-01-07T18:15:20.543", "lastModified": "2025-01-08T20:15:28.640",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "An issue in the snxpcamd.sys component of SUNIX Multi I/O Card v10.1.0.0 allows attackers to perform arbitrary read and write actions via supplying crafted IOCTL requests." "value": "An issue in the snxpcamd.sys component of SUNIX Multi I/O Card v10.1.0.0 allows attackers to perform arbitrary read and write actions via supplying crafted IOCTL requests."
},
{
"lang": "es",
"value": "Un problema en el componente snxpcamd.sys de SUNIX Multi I/O Card v10.1.0.0 permite a los atacantes realizar acciones de lectura y escritura arbitrarias mediante el suministro de solicitudes IOCTL manipuladas."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
} }
], ],
"metrics": {},
"references": [ "references": [
{ {
"url": "https://github.com/heyheysky/vulnerable-driver/blob/master/CVE-2024-55411/CVE-2024-55411_snxpcamd.sys_README.md", "url": "https://github.com/heyheysky/vulnerable-driver/blob/master/CVE-2024-55411/CVE-2024-55411_snxpcamd.sys_README.md",

41
CVE-2024/CVE-2024-555xx/CVE-2024-55517.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-55517", "id": "CVE-2024-55517",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-01-08T16:15:36.080", "published": "2025-01-08T16:15:36.080",
"lastModified": "2025-01-08T16:15:36.080", "lastModified": "2025-01-08T20:15:28.810",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -11,7 +11,42 @@
"value": "An issue was discovered in the Interllect Core Search in Polaris FT Intellect Core Banking 9.5. Input passed through the groupType parameter in /SCGController is mishandled before being used in SQL queries, allowing SQL injection in an authenticated session." "value": "An issue was discovered in the Interllect Core Search in Polaris FT Intellect Core Banking 9.5. Input passed through the groupType parameter in /SCGController is mishandled before being used in SQL queries, allowing SQL injection in an authenticated session."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://hackmd.io/@AowPhwc/SyvEiDsIye", "url": "https://hackmd.io/@AowPhwc/SyvEiDsIye",

72
CVE-2024/CVE-2024-555xx/CVE-2024-55550.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-55550", "id": "CVE-2024-55550",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-12-10T19:15:31.110", "published": "2024-12-10T19:15:31.110",
"lastModified": "2025-01-08T02:00:01.937", "lastModified": "2025-01-08T20:46:01.203",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -17,6 +17,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 2.7,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4
},
{ {
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary", "type": "Secondary",
@ -44,6 +64,16 @@
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Mitel MiCollab Path Traversal Vulnerability", "cisaVulnerabilityName": "Mitel MiCollab Path Traversal Vulnerability",
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{ {
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary", "type": "Secondary",
@ -55,14 +85,48 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mitel:micollab:*:*:*:*:*:-:*:*",
"versionEndExcluding": "9.8",
"matchCriteriaId": "E8AEF239-B12F-4BB2-BD66-CAEE28F5C8F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mitel:micollab:9.8:-:*:*:*:-:*:*",
"matchCriteriaId": "3961CA44-5F11-4077-87E4-CE0DC4CC2C75"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mitel:micollab:9.8:sp1:*:*:*:-:*:*",
"matchCriteriaId": "5567FF4F-4420-4B93-8661-7BC4EB067E19"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.mitel.com/support/security-advisories", "url": "https://www.mitel.com/support/security-advisories",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2024-0029", "url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2024-0029",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

45
CVE-2024/CVE-2024-555xx/CVE-2024-55556.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-55556", "id": "CVE-2024-55556",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-01-07T16:15:37.017", "published": "2025-01-07T16:15:37.017",
"lastModified": "2025-01-07T16:15:37.017", "lastModified": "2025-01-08T20:15:28.987",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A vulnerability in Crater Invoice allows an unauthenticated attacker with knowledge of the APP_KEY to achieve remote command execution on the server by manipulating the laravel_session cookie, exploiting arbitrary deserialization through the encrypted session data. The exploitation vector of this vulnerability relies on an attacker obtaining Laravel's secret APP_KEY, which would allow them to decrypt and manipulate session cookies (laravel_session) containing serialized data. By altering this data and re-encrypting it with the APP_KEY, the attacker could trigger arbitrary deserialization on the server, potentially leading to remote command execution (RCE). The vulnerability is primarily exploited by accessing an exposed cookie and manipulating it using the secret key to gain malicious access to the server." "value": "A vulnerability in Crater Invoice allows an unauthenticated attacker with knowledge of the APP_KEY to achieve remote command execution on the server by manipulating the laravel_session cookie, exploiting arbitrary deserialization through the encrypted session data. The exploitation vector of this vulnerability relies on an attacker obtaining Laravel's secret APP_KEY, which would allow them to decrypt and manipulate session cookies (laravel_session) containing serialized data. By altering this data and re-encrypting it with the APP_KEY, the attacker could trigger arbitrary deserialization on the server, potentially leading to remote command execution (RCE). The vulnerability is primarily exploited by accessing an exposed cookie and manipulating it using the secret key to gain malicious access to the server."
},
{
"lang": "es",
"value": "Una vulnerabilidad en Crater Invoice permite a un atacante no autenticado con conocimiento de APP_KEY lograr la ejecuci\u00f3n remota de comandos en el servidor manipulando la cookie laravel_session, explotando la deserializaci\u00f3n arbitraria a trav\u00e9s de los datos de sesi\u00f3n cifrados. El vector de explotaci\u00f3n de esta vulnerabilidad se basa en que un atacante obtenga la APP_KEY secreta de Laravel, lo que le permitir\u00eda descifrar y manipular las cookies de sesi\u00f3n (laravel_session) que contienen datos serializados. Al alterar estos datos y volver a cifrarlos con la APP_KEY, el atacante podr\u00eda desencadenar una deserializaci\u00f3n arbitraria en el servidor, lo que podr\u00eda llevar a la ejecuci\u00f3n remota de comandos (RCE). La vulnerabilidad se explota principalmente accediendo a una cookie expuesta y manipul\u00e1ndola utilizando la clave secreta para obtener acceso malicioso al servidor."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
} }
], ],
"metrics": {},
"references": [ "references": [
{ {
"url": "https://github.com/crater-invoice/crater", "url": "https://github.com/crater-invoice/crater",

42
CVE-2024/CVE-2024-70xx/CVE-2024-7063.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7063", "id": "CVE-2024-7063",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-08-15T06:15:11.693", "published": "2024-08-15T06:15:11.693",
"lastModified": "2024-08-15T13:01:10.150", "lastModified": "2025-01-08T20:33:37.817",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -49,16 +49,50 @@
"value": "CWE-200" "value": "CWE-200"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpmet:elementskit:*:*:*:*:pro:wordpress:*:*",
"versionEndExcluding": "3.6.7",
"matchCriteriaId": "2D2F5369-7873-4CD6-9F27-DE3EDC7C26AC"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://wpmet.com/plugin/elementskit/", "url": "https://wpmet.com/plugin/elementskit/",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d35dd18b-0f05-482f-aef3-08977cbec8a0?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d35dd18b-0f05-482f-aef3-08977cbec8a0?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

64
CVE-2024/CVE-2024-70xx/CVE-2024-7064.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7064", "id": "CVE-2024-7064",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-08-15T06:15:12.160", "published": "2024-08-15T06:15:12.160",
"lastModified": "2024-08-15T13:01:10.150", "lastModified": "2025-01-08T20:30:58.207",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -19,7 +19,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "security@wordfence.com", "source": "security@wordfence.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.1, "exploitabilityScore": 3.1,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },
@ -49,16 +69,50 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpmet:elementskit:*:*:*:*:pro:wordpress:*:*",
"versionEndExcluding": "3.6.6",
"matchCriteriaId": "69A85312-CCB2-4931-B314-E2653E54C4C6"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://wpmet.com/plugin/elementskit/", "url": "https://wpmet.com/plugin/elementskit/",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/181e6f3a-dbcf-44a6-b725-6325d9e56453?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/181e6f3a-dbcf-44a6-b725-6325d9e56453?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

84
CVE-2024/CVE-2024-70xx/CVE-2024-7092.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7092", "id": "CVE-2024-7092",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-08-13T05:15:14.027", "published": "2024-08-13T05:15:14.027",
"lastModified": "2024-08-13T12:58:25.437", "lastModified": "2025-01-08T20:53:45.230",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -19,7 +19,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "security@wordfence.com", "source": "security@wordfence.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.1, "exploitabilityScore": 3.1,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },
@ -49,32 +69,78 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpdeveloper:essential_addons_for_elementor:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "5.9.27",
"matchCriteriaId": "617C3D61-A4F2-42F2-BFE8-29199F97DE46"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://essential-addons.com/changelog/", "url": "https://essential-addons.com/changelog/",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Release Notes"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/trunk/includes/Elements/Filterable_Gallery.php#L3879", "url": "https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/trunk/includes/Elements/Filterable_Gallery.php#L3879",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/trunk/includes/Elements/Filterable_Gallery.php#L3900", "url": "https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/trunk/includes/Elements/Filterable_Gallery.php#L3900",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3134194/", "url": "https://plugins.trac.wordpress.org/changeset/3134194/",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://wordpress.org/plugins/essential-addons-for-elementor-lite/#developers", "url": "https://wordpress.org/plugins/essential-addons-for-elementor-lite/#developers",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Release Notes"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/718c60c1-6117-4959-a907-d0ef457f7185?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/718c60c1-6117-4959-a907-d0ef457f7185?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

60
CVE-2025/CVE-2025-01xx/CVE-2025-0194.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-0194",
"sourceIdentifier": "cve@gitlab.com",
"published": "2025-01-08T20:15:29.193",
"lastModified": "2025-01-08T20:15:29.193",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in GitLab CE/EE affecting all versions starting from 17.4 prior to 17.5.1, starting from 17.6 prior to 17.6.1, and starting from 17.7 prior to 17.7.1. Under certain conditions, access tokens may have been logged when API requests were made in a specific manner."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@gitlab.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "cve@gitlab.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-538"
}
]
}
],
"references": [
{
"url": "https://about.gitlab.com/releases/2025/01/08/patch-release-gitlab-17-7-1-released/#possible-access-token-exposure-in-gitlab-logs",
"source": "cve@gitlab.com"
},
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/489459",
"source": "cve@gitlab.com"
}
]
}

70
CVE-2025/CVE-2025-02xx/CVE-2025-0291.json Normal file
View File

@ -0,0 +1,70 @@
{
"id": "CVE-2025-0291",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2025-01-08T19:15:38.420",
"lastModified": "2025-01-08T20:15:29.353",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Type Confusion in V8 in Google Chrome prior to 131.0.6778.264 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "chrome-cve-admin@google.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://issues.chromium.org/issues/383356864",
"source": "chrome-cve-admin@google.com"
}
]
}

10
CVE-2025/CVE-2025-201xx/CVE-2025-20126.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-20126", "id": "CVE-2025-20126",
"sourceIdentifier": "ykramarz@cisco.com", "sourceIdentifier": "ykramarz@cisco.com",
"published": "2025-01-08T16:15:38.357", "published": "2025-01-08T16:15:38.357",
"lastModified": "2025-01-08T16:15:38.357", "lastModified": "2025-01-08T19:15:38.553",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,7 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "ykramarz@cisco.com", "source": "ykramarz@cisco.com",
"type": "Primary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
@ -38,7 +38,7 @@
"weaknesses": [ "weaknesses": [
{ {
"source": "ykramarz@cisco.com", "source": "ykramarz@cisco.com",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -51,10 +51,6 @@
{ {
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-thousandeyes-cert-pqtJUv9N", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-thousandeyes-cert-pqtJUv9N",
"source": "ykramarz@cisco.com" "source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xwork-xss-KCcg7WwU",
"source": "ykramarz@cisco.com"
} }
] ]
} }

82
CVE-2025/CVE-2025-221xx/CVE-2025-22139.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2025-22139",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-01-08T19:15:38.717",
"lastModified": "2025-01-08T20:15:29.693",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the configuracao_geral.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msg_c parameter. This vulnerability is fixed in 3.2.8."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "ACTIVE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "HIGH",
"subsequentSystemIntegrity": "HIGH",
"subsequentSystemAvailability": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/nilsonLazarin/WeGIA/security/advisories/GHSA-xrjq-57mq-4hf8",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-xrjq-57mq-4hf8",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

82
CVE-2025/CVE-2025-221xx/CVE-2025-22140.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2025-22140",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-01-08T19:15:38.863",
"lastModified": "2025-01-08T20:15:29.800",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WeGIA is a web manager for charitable institutions. A SQL Injection vulnerability was identified in the /html/funcionario/dependente_listar_um.php endpoint, specifically in the id_dependente parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the confidentiality, integrity, and availability of the database. This vulnerability is fixed in 3.2.8."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "HIGH",
"subsequentSystemIntegrity": "HIGH",
"subsequentSystemAvailability": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/nilsonLazarin/WeGIA/security/advisories/GHSA-mrhp-wfp2-59h5",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-mrhp-wfp2-59h5",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

82
CVE-2025/CVE-2025-221xx/CVE-2025-22141.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2025-22141",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-01-08T19:15:39.017",
"lastModified": "2025-01-08T20:15:29.897",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WeGIA is a web manager for charitable institutions. A SQL Injection vulnerability was identified in the /dao/verificar_recursos_cargo.php endpoint, specifically in the cargo parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the confidentiality, integrity, and availability of the database. This vulnerability is fixed in 3.2.8."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "HIGH",
"subsequentSystemIntegrity": "HIGH",
"subsequentSystemAvailability": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/nilsonLazarin/WeGIA/security/advisories/GHSA-w7hp-2w2c-p636",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-w7hp-2w2c-p636",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

78
CVE-2025/CVE-2025-221xx/CVE-2025-22143.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2025-22143",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-01-08T20:15:30.003",
"lastModified": "2025-01-08T20:15:30.003",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the listar_permissoes.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msg_e parameter. This vulnerability is fixed in 3.2.8."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "ACTIVE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "HIGH",
"subsequentSystemIntegrity": "HIGH",
"subsequentSystemAvailability": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-gxh2-8jxp-m59h",
"source": "security-advisories@github.com"
}
]
}

99
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2025-01-08T19:00:22.213675+00:00 2025-01-08T21:00:19.924394+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2025-01-08T18:59:45.373000+00:00 2025-01-08T20:58:28.473000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -33,69 +33,58 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
276319 276333
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `27` Recently added CVEs: `14`
- [CVE-2024-51442](CVE-2024/CVE-2024-514xx/CVE-2024-51442.json) (`2025-01-08T18:15:16.650`) - [CVE-2024-13188](CVE-2024/CVE-2024-131xx/CVE-2024-13188.json) (`2025-01-08T19:15:30.840`)
- [CVE-2024-55459](CVE-2024/CVE-2024-554xx/CVE-2024-55459.json) (`2025-01-08T17:15:15.817`) - [CVE-2024-13189](CVE-2024/CVE-2024-131xx/CVE-2024-13189.json) (`2025-01-08T20:15:27.353`)
- [CVE-2024-56770](CVE-2024/CVE-2024-567xx/CVE-2024-56770.json) (`2025-01-08T17:15:15.957`) - [CVE-2024-45342](CVE-2024/CVE-2024-453xx/CVE-2024-45342.json) (`2025-01-08T20:15:27.583`)
- [CVE-2024-56771](CVE-2024/CVE-2024-567xx/CVE-2024-56771.json) (`2025-01-08T18:15:17.777`) - [CVE-2024-45343](CVE-2024/CVE-2024-453xx/CVE-2024-45343.json) (`2025-01-08T20:15:27.690`)
- [CVE-2024-56772](CVE-2024/CVE-2024-567xx/CVE-2024-56772.json) (`2025-01-08T18:15:17.897`) - [CVE-2024-45344](CVE-2024/CVE-2024-453xx/CVE-2024-45344.json) (`2025-01-08T20:15:27.753`)
- [CVE-2024-56773](CVE-2024/CVE-2024-567xx/CVE-2024-56773.json) (`2025-01-08T18:15:18.087`) - [CVE-2024-45345](CVE-2024/CVE-2024-453xx/CVE-2024-45345.json) (`2025-01-08T20:15:27.843`)
- [CVE-2024-56774](CVE-2024/CVE-2024-567xx/CVE-2024-56774.json) (`2025-01-08T18:15:18.213`) - [CVE-2024-53526](CVE-2024/CVE-2024-535xx/CVE-2024-53526.json) (`2025-01-08T19:15:37.753`)
- [CVE-2024-56775](CVE-2024/CVE-2024-567xx/CVE-2024-56775.json) (`2025-01-08T18:15:18.333`) - [CVE-2024-54818](CVE-2024/CVE-2024-548xx/CVE-2024-54818.json) (`2025-01-08T19:15:38.290`)
- [CVE-2024-56776](CVE-2024/CVE-2024-567xx/CVE-2024-56776.json) (`2025-01-08T18:15:18.447`) - [CVE-2025-0194](CVE-2025/CVE-2025-01xx/CVE-2025-0194.json) (`2025-01-08T20:15:29.193`)
- [CVE-2024-56777](CVE-2024/CVE-2024-567xx/CVE-2024-56777.json) (`2025-01-08T18:15:18.560`) - [CVE-2025-0291](CVE-2025/CVE-2025-02xx/CVE-2025-0291.json) (`2025-01-08T19:15:38.420`)
- [CVE-2024-56778](CVE-2024/CVE-2024-567xx/CVE-2024-56778.json) (`2025-01-08T18:15:18.683`) - [CVE-2025-22139](CVE-2025/CVE-2025-221xx/CVE-2025-22139.json) (`2025-01-08T19:15:38.717`)
- [CVE-2024-56779](CVE-2024/CVE-2024-567xx/CVE-2024-56779.json) (`2025-01-08T18:15:18.793`) - [CVE-2025-22140](CVE-2025/CVE-2025-221xx/CVE-2025-22140.json) (`2025-01-08T19:15:38.863`)
- [CVE-2024-56780](CVE-2024/CVE-2024-567xx/CVE-2024-56780.json) (`2025-01-08T18:15:18.910`) - [CVE-2025-22141](CVE-2025/CVE-2025-221xx/CVE-2025-22141.json) (`2025-01-08T19:15:39.017`)
- [CVE-2024-56781](CVE-2024/CVE-2024-567xx/CVE-2024-56781.json) (`2025-01-08T18:15:19.030`) - [CVE-2025-22143](CVE-2025/CVE-2025-221xx/CVE-2025-22143.json) (`2025-01-08T20:15:30.003`)
- [CVE-2024-56782](CVE-2024/CVE-2024-567xx/CVE-2024-56782.json) (`2025-01-08T18:15:19.147`)
- [CVE-2024-56783](CVE-2024/CVE-2024-567xx/CVE-2024-56783.json) (`2025-01-08T18:15:19.247`)
- [CVE-2024-56784](CVE-2024/CVE-2024-567xx/CVE-2024-56784.json) (`2025-01-08T18:15:19.357`)
- [CVE-2024-56785](CVE-2024/CVE-2024-567xx/CVE-2024-56785.json) (`2025-01-08T18:15:19.487`)
- [CVE-2024-56786](CVE-2024/CVE-2024-567xx/CVE-2024-56786.json) (`2025-01-08T18:15:19.633`)
- [CVE-2024-56787](CVE-2024/CVE-2024-567xx/CVE-2024-56787.json) (`2025-01-08T18:15:19.763`)
- [CVE-2024-6350](CVE-2024/CVE-2024-63xx/CVE-2024-6350.json) (`2025-01-08T18:15:19.880`)
- [CVE-2025-20166](CVE-2025/CVE-2025-201xx/CVE-2025-20166.json) (`2025-01-08T17:15:16.990`)
- [CVE-2025-20167](CVE-2025/CVE-2025-201xx/CVE-2025-20167.json) (`2025-01-08T17:15:17.163`)
- [CVE-2025-20168](CVE-2025/CVE-2025-201xx/CVE-2025-20168.json) (`2025-01-08T17:15:17.323`)
- [CVE-2025-21111](CVE-2025/CVE-2025-211xx/CVE-2025-21111.json) (`2025-01-08T18:15:20.157`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit
Recently modified CVEs: `131` Recently modified CVEs: `54`
- [CVE-2024-32967](CVE-2024/CVE-2024-329xx/CVE-2024-32967.json) (`2025-01-08T18:30:33.600`) - [CVE-2024-30056](CVE-2024/CVE-2024-300xx/CVE-2024-30056.json) (`2025-01-08T20:20:05.590`)
- [CVE-2024-3560](CVE-2024/CVE-2024-35xx/CVE-2024-3560.json) (`2025-01-08T17:25:20.823`) - [CVE-2024-3018](CVE-2024/CVE-2024-30xx/CVE-2024-3018.json) (`2025-01-08T19:35:58.073`)
- [CVE-2024-3598](CVE-2024/CVE-2024-35xx/CVE-2024-3598.json) (`2025-01-08T17:26:13.300`) - [CVE-2024-31894](CVE-2024/CVE-2024-318xx/CVE-2024-31894.json) (`2025-01-08T19:58:17.603`)
- [CVE-2024-3923](CVE-2024/CVE-2024-39xx/CVE-2024-3923.json) (`2025-01-08T18:43:59.440`) - [CVE-2024-31895](CVE-2024/CVE-2024-318xx/CVE-2024-31895.json) (`2025-01-08T20:03:38.133`)
- [CVE-2024-39683](CVE-2024/CVE-2024-396xx/CVE-2024-39683.json) (`2025-01-08T18:24:07.627`) - [CVE-2024-3333](CVE-2024/CVE-2024-33xx/CVE-2024-3333.json) (`2025-01-08T19:43:24.987`)
- [CVE-2024-41952](CVE-2024/CVE-2024-419xx/CVE-2024-41952.json) (`2025-01-08T18:27:21.500`) - [CVE-2024-38163](CVE-2024/CVE-2024-381xx/CVE-2024-38163.json) (`2025-01-08T20:50:00.877`)
- [CVE-2024-41953](CVE-2024/CVE-2024-419xx/CVE-2024-41953.json) (`2025-01-08T18:29:25.370`) - [CVE-2024-38218](CVE-2024/CVE-2024-382xx/CVE-2024-38218.json) (`2025-01-08T20:58:28.473`)
- [CVE-2024-4430](CVE-2024/CVE-2024-44xx/CVE-2024-4430.json) (`2025-01-08T18:43:41.327`) - [CVE-2024-40427](CVE-2024/CVE-2024-404xx/CVE-2024-40427.json) (`2025-01-08T19:15:31.043`)
- [CVE-2024-53933](CVE-2024/CVE-2024-539xx/CVE-2024-53933.json) (`2025-01-08T18:15:16.830`) - [CVE-2024-41713](CVE-2024/CVE-2024-417xx/CVE-2024-41713.json) (`2025-01-08T20:31:25.237`)
- [CVE-2024-53934](CVE-2024/CVE-2024-539xx/CVE-2024-53934.json) (`2025-01-08T17:15:15.630`) - [CVE-2024-42426](CVE-2024/CVE-2024-424xx/CVE-2024-42426.json) (`2025-01-08T20:06:04.867`)
- [CVE-2024-53936](CVE-2024/CVE-2024-539xx/CVE-2024-53936.json) (`2025-01-08T18:15:17.067`) - [CVE-2024-4378](CVE-2024/CVE-2024-43xx/CVE-2024-4378.json) (`2025-01-08T20:07:57.800`)
- [CVE-2024-54491](CVE-2024/CVE-2024-544xx/CVE-2024-54491.json) (`2025-01-08T18:06:21.337`) - [CVE-2024-4563](CVE-2024/CVE-2024-45xx/CVE-2024-4563.json) (`2025-01-08T19:51:35.093`)
- [CVE-2024-56536](CVE-2024/CVE-2024-565xx/CVE-2024-56536.json) (`2025-01-08T17:08:05.557`) - [CVE-2024-46601](CVE-2024/CVE-2024-466xx/CVE-2024-46601.json) (`2025-01-08T20:15:27.920`)
- [CVE-2024-56578](CVE-2024/CVE-2024-565xx/CVE-2024-56578.json) (`2025-01-08T17:08:24.730`) - [CVE-2024-4971](CVE-2024/CVE-2024-49xx/CVE-2024-4971.json) (`2025-01-08T19:28:26.847`)
- [CVE-2024-56579](CVE-2024/CVE-2024-565xx/CVE-2024-56579.json) (`2025-01-08T17:08:40.187`) - [CVE-2024-51442](CVE-2024/CVE-2024-514xx/CVE-2024-51442.json) (`2025-01-08T20:15:28.137`)
- [CVE-2024-56608](CVE-2024/CVE-2024-566xx/CVE-2024-56608.json) (`2025-01-08T17:10:01.233`) - [CVE-2024-53564](CVE-2024/CVE-2024-535xx/CVE-2024-53564.json) (`2025-01-08T19:15:38.050`)
- [CVE-2024-56614](CVE-2024/CVE-2024-566xx/CVE-2024-56614.json) (`2025-01-08T17:10:39.210`) - [CVE-2024-55008](CVE-2024/CVE-2024-550xx/CVE-2024-55008.json) (`2025-01-08T20:15:28.467`)
- [CVE-2024-56688](CVE-2024/CVE-2024-566xx/CVE-2024-56688.json) (`2025-01-08T17:11:05.457`) - [CVE-2024-55411](CVE-2024/CVE-2024-554xx/CVE-2024-55411.json) (`2025-01-08T20:15:28.640`)
- [CVE-2024-56694](CVE-2024/CVE-2024-566xx/CVE-2024-56694.json) (`2025-01-08T17:11:31.067`) - [CVE-2024-55517](CVE-2024/CVE-2024-555xx/CVE-2024-55517.json) (`2025-01-08T20:15:28.810`)
- [CVE-2024-56708](CVE-2024/CVE-2024-567xx/CVE-2024-56708.json) (`2025-01-08T17:11:50.683`) - [CVE-2024-55550](CVE-2024/CVE-2024-555xx/CVE-2024-55550.json) (`2025-01-08T20:46:01.203`)
- [CVE-2025-0238](CVE-2025/CVE-2025-02xx/CVE-2025-0238.json) (`2025-01-08T17:15:16.070`) - [CVE-2024-55556](CVE-2024/CVE-2024-555xx/CVE-2024-55556.json) (`2025-01-08T20:15:28.987`)
- [CVE-2025-0239](CVE-2025/CVE-2025-02xx/CVE-2025-0239.json) (`2025-01-08T17:15:16.240`) - [CVE-2024-7063](CVE-2024/CVE-2024-70xx/CVE-2024-7063.json) (`2025-01-08T20:33:37.817`)
- [CVE-2025-0240](CVE-2025/CVE-2025-02xx/CVE-2025-0240.json) (`2025-01-08T17:15:16.403`) - [CVE-2024-7064](CVE-2024/CVE-2024-70xx/CVE-2024-7064.json) (`2025-01-08T20:30:58.207`)
- [CVE-2025-0242](CVE-2025/CVE-2025-02xx/CVE-2025-0242.json) (`2025-01-08T17:15:16.563`) - [CVE-2024-7092](CVE-2024/CVE-2024-70xx/CVE-2024-7092.json) (`2025-01-08T20:53:45.230`)
- [CVE-2025-0243](CVE-2025/CVE-2025-02xx/CVE-2025-0243.json) (`2025-01-08T17:15:16.723`) - [CVE-2025-20126](CVE-2025/CVE-2025-201xx/CVE-2025-20126.json) (`2025-01-08T19:15:38.553`)
## Download and Usage ## Download and Usage

436
_state.csv
View File

File diff suppressed because it is too large Load Diff